The European data protection organization Noyb has filed six data protection complaints against the video platform Tiktok, the fashion retailer Shein, the smartphone manufacturer Xiaomi and other Chinese companies for violating the European General Data Protection Regulation (GDPR). The organization “None Of Your Business,” co-founded by data protection activist Max Schrems, accuses companies of unlawful data transfers to China.
Noyb explained that four of the companies had openly admitted that they were sending personal data to China, while the rest spoke of undefined “third countries”. However, according to current EU law, data transfers to countries outside the EU are only permitted if the destination country does not undermine data protection.
“No level of data protection like in the EU”
Kleanthi Sardeli, data protection lawyer at Noyb explained: “China is an authoritarian surveillance state. Companies cannot realistically protect EU data from access by Chinese authorities.” It is completely clear that China does not offer the same level of data protection as the EU. The transfer of personal data from customers from Europe is clearly illegal and must be stopped immediately.
The Noyb association has now filed six GDPR complaints in five European countries and is calling for an immediate stop to data transfers to China. In order to prevent similar violations in the future, data protection activists are suggesting that the authorities impose an administrative penalty. Such a fine can amount to up to four percent of global annual sales, which for online retailer Temu can amount to 1.35 billion euros.
Noyb co-founder Max Schrems had previously brought fear to the Facebook group Meta in two lawsuits and twice overturned important data agreements between the USA and Europe before the European Court of Justice. (dpa)